undefined | Better HN

0 pointsdboreham8y ago0 comments

Perhaps because it was originally designed for use without TLS? Request signing was pretty much ubiquitous 10 years ago.

0 comments

Promarged8y ago

I'm not from Amazon but I'd guess they want to protect the request from being replayed inside their own systems.

sloxy8y ago

more likely it's so they don't have to have a more convoluted process where they call out to requesting service to verify RQ & all which that entails (on both sides).

j / k navigate · click thread line to collapse

0 pointsdboreham8y ago0 comments

Perhaps because it was originally designed for use without TLS? Request signing was pretty much ubiquitous 10 years ago.

0 comments

Promarged8y ago

I'm not from Amazon but I'd guess they want to protect the request from being replayed inside their own systems.

sloxy8y ago

more likely it's so they don't have to have a more convoluted process where they call out to requesting service to verify RQ & all which that entails (on both sides).

j / k navigate · click thread line to collapse